File Integrity Monitoring
FIM tools watch critical files and configurations and alert when they change unexpectedly. SOC teams use it to detect tampering with system binaries, web content, or configuration files, which often signals an intrusion. It matters because attackers frequently modify files to hide, persist, or plant malicious code, and FIM is also required by standards like PCI DSS.